Category: Internet

I had a message this morning from a friend who was having intermittent disconnection issues on their internet. The network itself was fine and, when using another provider, that too was working so it came down to evidence gathering to support the case to the ISP to investigate.

As a quick throw together, we came up with the following using wget and a batch file to repeat the command every x minutes.

Usual Disclaimers Apply: This guide should not be used to subvert copyright restrictions. Responsibility falls to the user to ensure they are not breaking the laws of the country in which they reside or breaching any restrictions placed on content published in, or on infrastructure where other jurisdictions and/or terms of service may apply. Ignorance is no defense*, if you don’t like the regulations as they stand, exercise your democratic rights and propose a solution for change. Continue reading “Grabbing Video (back) from YouTube”

There are many reasons to re-flash your home router with a different OS than the one the manufacturer has cobbled together, the Misfortune Cookie attack (US-CERT) is just one of them, Having been involved in the testing of a number of domestic xDSL routers, I have a rather low opinion on the amount of care put into the default security levels of consumer devices (but that is not what this post is about).

Image Credit: commons.wikimedia.org

I have chosen to utilise OpenWrt on one of my internal wireless access points, and – during a reconfiguration of the network, I managed to bork the settings by not paying attention. With an out-of-the-box device, there is usually a ‘Reset’ button you can hold in while powering up the device which will clear all settings and return you to the initial un-configured state. This is not quite the case with OpenWrt, but it is still a fairly easy process to return your router to a known state, and begin the configuration process again.

Using PuTTY (or your favourite *TELNET* client), connect to 192.168.1.1 and you should see the OpenWrt prompt. Type the commands below (in red) to reset the router to it’s initial, preconfigured state:

-----------------------------------------------------
root@(none):/# mount_root
jffs2 is ready
jffs2 is ready
switching to overlay
root@(none):/# firstboot
This will erase all settings and remove any installed packages. Are you sure? [N/y]
y
/dev/mtdblock3 is mounted as /overlay, only erasing files
root@(none):/# reboot –f

So, a friend* of mine asked me yesterday, (following my posting of an article), what I thought of a particular password manager – I obviously wanted to answer her question. I then decided that since I was in for a penny, I might as well be in for a pound and here we are, (hopefully) fixing my response, and posting it in a more readable format.The status post that launched a thousand words…

TLDR; No. I don’t especially like the look of it. You have to trust a company who is making money out of (hoping) their product is secure. I personally like KeePass ( http://keepass.info ) which works on all my devices and, coupled with a internet sync service (that also leaves you comfortable with the level of security offered), works on all my devices.

The UPnP protocol has a long standing history of security problems, not the least of which being that it allows unauthenticated devices to connect to and through your home network.

TLDR; UPnP is a flawed protocol which has been leveraged numerous times to conduct widespread attacks via large numbers of insecure devices. Do not enable UPnP on your network. Or do, but understand the potential consequences of your decision.

So, with another major collection of user credentials being uncovered (and reported in the mainstream media), there is a slight increase in interest in people, their data, and the credentials they use.
For those who may not yet have caught up with the news (or those reading this in the future and wondering which massive credential theft I’m referring to), this is the uncovering of the work done by ‘Cyber Vor’ who managed to snare around 1.2 billion (yes, with a B) unique user credentials.

So, with another major collection of user credentials being uncovered (and reported in the mainstream media), there is a slight increase in interest in people, their data, and the credentials they use.

Don’t put all your (credential) eggs into one basket

It’s anyone’s guess as to how long this breach will remain in the news cycle, so I thought I’d throw out an article quickly as New Zealand is currently in the throws of pre-election posturing and I imagine some political hopeful will say something controversial and the media will swing away to cover that within the next day.

For those who may not yet have caught up with the news (or those reading this in the future and wondering which massive credential theft I’m referring to), this is the uncovering of the work done by ‘Cyber Vor’ who managed to snare around 1.2 billion (yes, with a B) unique user credentials.

Initial Configuration (via Web Browser)

In the previous article, we set up (at least) two network interfaces. The first, facing the Internet (the WAN) and the second facing the internal network (the LAN).

In our instance, our WAN interface will simply pass traffic onto our existing internal network, where it is subject to existing rules and management, while the LAN interface will become the first node of our new ‘Teenage Subnet’ through which our older boys (and possibly their friends) will access the network resources (including access to the Internet).

So, anyway, we have a machine happily whirring away running pfSense and two interfaces configured, the WAN and the LAN. Now we need to connect up and get things configured.

Today I was discussing the recent work by the New Zealand Police in bring a number of people up on charges for their part in an international pedophile ring. While I’ll save you from the details (you can do your own reading using this article as a starting point), some of the alleged offenses are pretty horrific. Suffice it to say, the conversation quickly turned to how soul-destroying it must be for the OCEANZ team and organisations such as ECPAT. Continue reading “Standing on the Wall”

This is not the first success they’ve had with funding via the web but, as an indicator – the climbing value of funding is testament to the belief their community has in the work they are doing with the game.

A personal HUGE congratulations goes out from my keyboard to the Grinding Gear team, it’s awesome to see New Zealand companies doing so well on the world stage without resorting to filling paddocks with cows. 🙂

It's somewhat astounding that this tatic has persisted as conflicts devolve into the uncertainty of gurellia warfare. More so as combatants become automated (think remotely operated drones) and targeting comes as a result of algorithms. Tags: military strategy defense enemy killbox

Okay, so perhaps "fear" is overblowing things, but folks certainly SHOULD be a hell of a lot more careful about what they are connecting with reckless abandon. Manufacturers and Telcos have a long history of not making devices secure by default, which unfortunately leaves the task up to the consumer, who is rarely able to […]

"The romance scam package is designed for fraudsters who prey on lonely men via dating Web sites and small spam campaigns. The vendor of the fraud package advertises a guaranteed response rate of at least 1.2 percent, and states that customers who average 30 scam letters per day can expect to earn roughly $2,000 a week. […]

Quantum cryptography is considered a fully secure encryption method, but researchers have discovered that this is not always the case. They found that energy-time entanglement -- the method that today forms the basis for many systems of quantum cryptography -- is vulnerable to attack. Tags: Quantum cryptography security encryption

Erroneous claims that one of the San Bernardino shooters made public social-media posts about jihad have produced legislation to overhaul the process of screening visas. Tags: immigration defense policy security Security Theater metadata